Information on source package typo3-src

Available versions

ReleaseVersion
wheezy (security)4.5.19+dfsg1-5+wheezy4

Open issues

BugwheezyDescription
TEMP-0766502-BFFD92vulnerableTYPO3-CORE-SA-2014-002: Multiple Vulnerabilities in TYPO3 CMS
CVE-2018-6905vulnerableThe page module in TYPO3 before 8.7.11, and 9.1.0, has XSS via ...
CVE-2017-14251vulnerableUnrestricted File Upload vulnerability in the fileDenyPattern in ...
CVE-2016-5091vulnerableExtbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 ...
CVE-2016-4056vulnerableCross-site scripting (XSS) vulnerability in the Backend component in ...
CVE-2015-5956vulnerableThe sanitizeLocalUrl function in TYPO3 6.x before 6.2.15, 7.x before ...
CVE-2014-9509vulnerableThe frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x ...
CVE-2014-9508vulnerableThe frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x ...

Resolved issues

BugDescription
TEMP-0571151-9735FDmultiple typo issues
TEMP-0505326-BEA2C3typo3: passwords are not changeable bug in the backend
TEMP-0364350-5A8D23typo3 mailforms can be abused to send spam
CVE-2015-2047The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through ...
CVE-2014-3946The query caching functionality in the Extbase Framework component in ...
CVE-2014-3945The Authentication component in TYPO3 before 6.2, when salting for ...
CVE-2014-3944The Authentication component in TYPO3 6.2.0 before 6.2.3 does not ...
CVE-2014-3943Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...
CVE-2014-3942The Color Picker Wizard component in TYPO3 4.5.0 before 4.5.34, 4.7.0 ...
CVE-2014-3941TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, ...
CVE-2013-7081The (old) Form Content Element component in TYPO3 4.5.0 through ...
CVE-2013-7080The creating record functionality in Extension table administration ...
CVE-2013-7079Open redirect vulnerability in the OpenID extension in TYPO3 4.5.0 ...
CVE-2013-7078Cross-site scripting (XSS) vulnerability in the errorAction method in ...
CVE-2013-7077Cross-site scripting (XSS) vulnerability in the Backend User ...
CVE-2013-7076Cross-site scripting (XSS) vulnerability in Extension Manager in TYPO3 ...
CVE-2013-7075The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, ...
CVE-2013-7074Multiple cross-site scripting (XSS) vulnerabilities in Content Editing ...
CVE-2013-7073The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, ...
CVE-2013-4321The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x ...
CVE-2013-4320The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.9 and 6.1.x ...
CVE-2013-4250The (1) file upload component and (2) File Abstraction Layer (FAL) in ...
CVE-2013-1843Open redirect vulnerability in the Access tracking mechanism in TYPO3 ...
CVE-2013-1842SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x ...
CVE-2013-1464Cross-site scripting (XSS) vulnerability in assets/player.swf in the ...
CVE-2012-6148Cross-site scripting (XSS) vulnerability in the function menu API in ...
CVE-2012-6147Cross-site scripting (XSS) vulnerability in the tree render API ...
CVE-2012-6146The Backend History Module in TYPO3 4.5.x before 4.5.21, 4.6.x before ...
CVE-2012-6145Cross-site scripting (XSS) vulnerability in the Backend History module ...
CVE-2012-6144SQL injection vulnerability in the Backend History module in TYPO3 ...
CVE-2012-3531Cross-site scripting (XSS) vulnerability in the Install Tool in TYPO3 ...
CVE-2012-3530Incomplete blacklist vulnerability in the t3lib_div::quoteJSvalue API ...
CVE-2012-3529The configuration module in the backend in TYPO3 4.5.x before 4.5.19, ...
CVE-2012-3528Multiple cross-site scripting (XSS) vulnerabilities in the backend in ...
CVE-2012-3527view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, ...
CVE-2012-2112Cross-site scripting (XSS) vulnerability in the Exception Handler in ...
CVE-2012-1608The t3lib_div::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, ...
CVE-2012-1607The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, ...
CVE-2012-1606Multiple cross-site scripting (XSS) vulnerabilities in the Backend ...
CVE-2012-1605The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 ...
CVE-2011-4904
CVE-2011-4903
CVE-2011-4902
CVE-2011-4901
CVE-2011-4900
CVE-2011-4632
CVE-2011-4631
CVE-2011-4630
CVE-2011-4629
CVE-2011-4628
CVE-2011-4627
CVE-2011-4626
CVE-2011-4614PHP remote file inclusion vulnerability in ...
CVE-2011-3584TYPO3-SA-2011-003
CVE-2011-3583TYPO3-SA-2011-002
CVE-2010-5104The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before ...
CVE-2010-5103SQL injection vulnerability in the list module in TYPO3 4.2.x before ...
CVE-2010-5102Directory traversal vulnerability in mod/tools/em/class.em_unzip.php ...
CVE-2010-5101Directory traversal vulnerability in the TypoScript setup in TYPO3 ...
CVE-2010-5100Multiple cross-site scripting (XSS) vulnerabilities in the Install ...
CVE-2010-5099The fileDenyPattern functionality in the PHP file inclusion protection ...
CVE-2010-5098Cross-site scripting (XSS) vulnerability in the FORM content object in ...
CVE-2010-5097Cross-site scripting (XSS) vulnerability in the click enlarge ...
CVE-2010-4068Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x ...
CVE-2010-3717The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x ...
CVE-2010-3716The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x ...
CVE-2010-3715Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x ...
CVE-2010-3714The jumpUrl (aka access tracking) implementation in ...
CVE-2010-3674Multiple security issues
CVE-2010-3673Multiple security issues
CVE-2010-3672Multiple security issues
CVE-2010-3671Multiple security issues
CVE-2010-3670Multiple security issues
CVE-2010-3669Multiple security issues
CVE-2010-3668Multiple security issues
CVE-2010-3667Multiple security issues
CVE-2010-3666Multiple security issues
CVE-2010-3665Multiple security issues
CVE-2010-3664Multiple security issues
CVE-2010-3663Multiple security issues
CVE-2010-3662Multiple security issues
CVE-2010-3661Multiple security issues
CVE-2010-3660Multiple security issues
CVE-2010-3659Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x ...
CVE-2010-1153PHP remote file inclusion vulnerability in the autoloader in TYPO3 ...
CVE-2010-0286Unspecified vulnerability in the OpenID Identity Authentication ...
CVE-2009-3636Cross-site scripting (XSS) vulnerability in the Install Tool ...
CVE-2009-3635The Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x ...
CVE-2009-3634Cross-site scripting (XSS) vulnerability in the Frontend Login Box ...
CVE-2009-3633Cross-site scripting (XSS) vulnerability in the ...
CVE-2009-3632SQL injection vulnerability in the traditional frontend editing ...
CVE-2009-3631The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before ...
CVE-2009-3630The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before ...
CVE-2009-3629Multiple cross-site scripting (XSS) vulnerabilities in the Backend ...
CVE-2009-3628The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before ...
CVE-2009-0816Multiple cross-site scripting (XSS) vulnerabilities in the backend ...
CVE-2009-0815The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through ...
CVE-2009-0258The Indexed Search Engine (indexed_search) system extension in TYPO3 ...
CVE-2009-0257Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 ...
CVE-2009-0256Session fixation vulnerability in the authentication library in TYPO3 ...
CVE-2009-0255The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 ...
CVE-2008-5656Cross-site scripting (XSS) vulnerability in the frontend plugin for ...
CVE-2008-5644Cross-site scripting (XSS) vulnerability in the file backend module in ...
CVE-2008-2718Cross-site scripting (XSS) vulnerability in fe_adminlib.inc in TYPO3 ...
CVE-2008-2717TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, ...
CVE-2007-6381SQL injection vulnerability in the indexed_search system extension in ...
CVE-2007-1081The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, ...
CVE-2006-6690rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through ...
CVE-2006-5069Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php ...
CVE-2006-0327TYPO3 3.7.1 allows remote attackers to obtain sensitive information ...
CVE-2005-4875TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive ...

Security announcements

DSA / DLADescription
DSA-3314-1typo3-sec - end of life
DSA-3164-1typo3-src - security update
DSA-2942-1typo3-src - security update
DSA-2834-1typo3-src - several
DSA-2834-1typo3-src - several
DSA-2772-1typo3-src - cross-site scripting
DSA-2646-1typo3-src - several
DSA-2574-1typo3-src - several
DSA-2537-1typo3-src - several
DSA-2455-1typo3-src - cross site scripting
DSA-2445-1typo3-src - several
DSA-2289-1typo3-src - several
DSA-2289-1typo3-src - several
DSA-2121-1typo3-src - several vulnerabilities
DSA-2098-1typo3-src - several vulnerabilities
DSA-2008-1typo3-src - several vulnerabilities
DSA-1926-1typo3-src - several vulnerabilities
DSA-1926-1typo3-src - several vulnerabilities
DSA-1720-1typo3-src - several vulnerabilities
DSA-1711-1typo3-src - remote code execution
DSA-1596-1typo3-src - several vulnerabilities
DSA-1439-1typo3-src

Search for package or bug name: Reporting problems